<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>splat.conf</title><link rel="stylesheet" href="docbook.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /><link rel="start" href="index.html" title="Splat: Scalable Periodic LDAP Attribute Transmogrifier" /><link rel="up" href="rn01.html" title="Splat Man Pages" /><link rel="prev" href="rn01re01.html" title="splatd" /></head><body><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">splat.conf</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="rn01re01.html">Prev</a> </td><th width="60%" align="center">Splat Man Pages</th><td width="20%" align="right"> </td></tr></table><hr /></div><div class="refentry" lang="en" xml:lang="en"><a id="splat.conf_man"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>splat.conf — 
          Scalable Periodic LDAP Attribute Transmogrifier configuration file
        </p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395355"></a><h2>Introduction</h2><p>The Splat configuration file is composed of three different
        section types: </p><div class="itemizedlist"><ul type="disc"><li><p>LDAP Configuration</p></li><li><p>Service Helper Configuration</p></li><li><p>Logging Configuration</p></li></ul></div><p> The configuration uses an Apache-style syntax:
        </p><pre class="programlisting">
&lt;LDAP&gt;
    # The LDAP Server configuration.
    # URI of the server(s)
    URI         ldaps://ldap1.example.com
    # The default search base for the server
    BaseDN      dc=example,dc=com
&lt;/LDAP&gt;
                    </pre></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395401"></a><h2>LDAP Configuration</h2><p>The <code class="computeroutput">LDAP</code> section defines
        connection parameters for your LDAP server, and may appear once within
        a Splat configuration file. If you make use of SSL/TLS, you will need to
        ensure that the appropriate settings are enabled in your system
        <code class="filename">ldap.conf</code> (e.g.
        <code class="computeroutput">TLS_CACERT</code> or
        <code class="computeroutput">TLS_CACERTDIR</code>, if necessary).</p><div class="refsect2" lang="en" xml:lang="en"><a id="id395429"></a><h3>LDAP Configuration Options</h3><div class="variablelist"><dl><dt><span class="term">URI</span></dt><dd><p>URI of the LDAP server(s).</p></dd><dt><span class="term">BaseDN</span></dt><dd><p>Default Search Base DN.</p></dd><dt><span class="term">BindDN</span></dt><dd><p>LDAP Bind DN. If omitted, Slap will use an anonymous
                bind.</p></dd><dt><span class="term">Password</span></dt><dd><p>LDAP Bind Password.</p></dd></dl></div></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395496"></a><h2>Logging Configuration</h2><p>The <code class="computeroutput">Logging</code> section configures
        logging for the Splat daemon. It is composed of any number of
        <code class="computeroutput">syslog</code> or
        <code class="computeroutput">logfile</code> subsections and a global 
        <code class="computeroutput">Level</code> setting.</p><div class="variablelist"><dl><dt><span class="term">Level</span></dt><dd><p>Log Verbosity. One of: debug, info, warning, error,
              critical</p></dd></dl></div><div class="refsect2" lang="en" xml:lang="en"><a id="id395540"></a><h3>Syslog Configuration Options</h3><div class="variablelist"><dl><dt><span class="term">Facility</span></dt><dd><p>Syslog Facility.</p></dd><dt><span class="term">Address</span></dt><dd><p>Address of syslog server, or pathname to syslog socket.
                This varies between hosts. FreeBSD's syslog socket is located
                at <code class="filename">/var/run/log</code>, while Linux systems often
                use <code class="filename">/dev/log</code>.</p></dd></dl></div></div><div class="refsect2" lang="en" xml:lang="en"><a id="id395587"></a><h3>Logfile Configuration Options</h3><div class="variablelist"><dl><dt><span class="term">Path</span></dt><dd><p>Path to log file, or reference to Python file object
                such as STDOUT.</p></dd></dl></div></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395613"></a><h2>Service Helper Configuration</h2><p>The <code class="computeroutput">Service</code> section configures
        Splat's service helper modules. It is composed service-specific
        settings, including any number of
        <code class="computeroutput">Option</code>, and
        <code class="computeroutput">Group</code> subsections. Group and Service
        names (such as <span class="emphasis"><em>UserSSH</em></span> or
        <span class="emphasis"><em>Administrators</em></span>) must be unique within their
        scope, but are not interpreted by Splat in any other way.</p><p><code class="computeroutput">Option</code> subsections may be
        specified in both the Service section and the Group subsection.
        Options are used to set and unset helper-specific settings. Module
        options are documented in the module-specific documentation. Example:
        </p><pre class="programlisting">
&lt;Option mingid&gt;
  # Do not write keys for users with a GID less than mingid
  Value 1000
&lt;/Option&gt; 
  
# Unset the Command option
&lt;Option command/&gt;
</pre><div class="refsect2" lang="en" xml:lang="en"><a id="id395662"></a><h3>Service Configuration Options</h3><div class="variablelist"><dl><dt><span class="term">Helper</span></dt><dd><p>Python Helper Module. Example:
                splat.helpers.sshPublicKeys</p></dd><dt><span class="term">Frequency</span></dt><dd><p>Frequency at which helper is invoked. Units may be
                specified in hours (h), minutes (m), or seconds (s).</p></dd><dt><span class="term">SearchBase</span></dt><dd><p>LDAP search base. If left unspecified, defaults to the
                BaseDN specified in the LDAP configuration section.</p></dd><dt><span class="term">SearchFilter</span></dt><dd><p>LDAP search filter. All records that match this filter
                (and, optionally, are members of a permitted group) will be
                passed to the service helper module.</p></dd><dt><span class="term">RequireGroup (yes/no)</span></dt><dd><p>Require that returned entries match one of the specified
                Groups.</p></dd></dl></div></div><div class="refsect2" lang="en" xml:lang="en"><a id="id395748"></a><h3>Group Configuration Options</h3><div class="variablelist"><dl><dt><span class="term">SearchBase</span></dt><dd><p>LDAP search base. If left unspecified, defaults to the
                BaseDN specified in the LDAP configuration section.</p></dd><dt><span class="term">SearchFilter</span></dt><dd><p>LDAP search filter. All records that match this filter
                will determine this groups membership. The filter should
                return groupOfUniqueNames or groupOfNames objects. I suggest
                using RFC2307bis to combine posixGroup and
                groupOfUniqueName.</p></dd><dt><span class="term">MemberAttribute</span></dt><dd><p>LDAP attribute used to store member DNs. Defaults to
                uniqueMember.</p></dd></dl></div></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395807"></a><h2>Examples</h2><p>An example configuration file <code class="filename">splat.conf</code> is
        included with the Splat source.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id395821"></a><h2>See Also</h2><p>
          <span class="citerefentry"><span class="refentrytitle">splatd</span>(8)</span>
          <span class="citerefentry"><span class="refentrytitle">ldap.conf</span>(5)</span>
        </p><p>
          <a class="ulink" href="http://code.google.com/p/splatd" target="_top">http://code.google.com/p/splatd</a>.
        </p></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="rn01re01.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="rn01.html">Up</a></td><td width="40%" align="right"> </td></tr><tr><td width="40%" align="left" valign="top">splatd </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div></body></html>
